From Bugzilla Helper:
User-Agent: Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)
Description of problem:
When running up2date -v -l the report breaks detail lines. The broken
lines can not be rejoined to form a data stream to create an html table.
There is no consistancy in the report to reformat the data. I.e. How do
you tell a line that is a new package from one that is detail? A
delimited report would make a very nice option especially so it could be
reformatted into html and sent to an admin in an email message from a cron
job.
Version-Release number of selected component (if applicable):
How reproducible:
Always
Steps to Reproduce:
1.login as root
2.run "up2date -v -l"
3.
Actual Results:
Retrieving list of all available packages...
Removing installed packages from list of updates...
Removing packages marked to skip from list...
Getting headers for available packages...
Removing packages with files marked to skip from list...
filename: /etc/rc.d/init.d/halt
Getting headers for skipped packages...
Name Version Rel
--------------------------------------------------------------
LPRng 3.7.4 23
[RHSA-2001:077-05] When LPRng drops uid and gid, it fails to drop
membership in
its
supplemental groups.
SysVinit 2.78 17
[RHBA-2001:085-02] New SysVinit packages are available for Red Hat Linux
7.1; th
ese packages
fix a problem where various things would fail on a serial console (such
as single user mode) when used with the Linux kernel version 2.4.3 or
higher.
It is recommended that all users update to the fixed packages, especially
those that use a serial console.
XFree86-SVGA 3.3.6 38
[RHSA-2001:071-05] New updated XFree86 3.3.6 packages are available for
Red Hat
Linux 7.1,
7.0, and 6.2 which contain many security updates, bug fixes, and updated
drivers for various different families of video hardware including:
S3 Savage, S3 Trio64, S3 ViRGE, Intel i810/i815, ATI Rage Mobility Mach64,
and numerous other driver fixes and improvements.
Xconfigurator 4.9.29 1
[RHBA-2001:062-02] Support for mouse devices other than /dev/mouse is only
parti
ally complete in
the mouseconfig and Xconfigurator shipped with Red Hat Linux 7.1. This
has been corrected.
arts 2.1.2 1
[RHSA-2001:059-03] Updated kdelibs packages fixing a security problem,
some memo
ry leaks and
some minor bugs are available.
cpp 2.96 85
[RHBA-2001:082-05] Several bugs have been found and fixed in the GNU
Compiler Co
llection
snapshot which shipped with Red Hat Linux 7.1, and the last errata GCC
version available for Red Hat Linux 7.0.
devfsd 2.4.3 12
[RHSA-2001:084-03] A security hole has been found that does not affect the
defau
lt
configuration of Red Hat Linux, but it can affect some custom
configurations of Red Hat Linux 7.1. The bug is specific
to the Linux 2.4 kernel series. Aside from the fix, countless bugfixes
have been applied to this kernel as a result of code-audits by the
MC project of the Stanford University and others.
docbook-style-dsssl 1.64 2
[RHBA-2001:068-03] Updated DocBook stylesheets are available, which fix
some lay
out problems
that occur in common situations.
elm 2.5.5 1
[RHSA-2001:091-07] New elm packages are available for Red Hat Linux 5.2,
6.2, 7
and 7.1. These
packages fix a buffer overflow in the message-id handling.
fetchmail 5.9.0 0.7.1
[RHSA-2001:103-04] Updated fetchmail packages are now available for Red
Hat Linu
x 5.2, 6.2, 7,
and 7.1. These packages close a remotely-exploitable vulnerability in
fetchmail.
gcc 2.96 85
[RHBA-2001:082-05] Several bugs have been found and fixed in the GNU
Compiler Co
llection
snapshot which shipped with Red Hat Linux 7.1, and the last errata GCC
version available for Red Hat Linux 7.0.
gcc-c++ 2.96 85
[RHBA-2001:082-05] Several bugs have been found and fixed in the GNU
Compiler Co
llection
snapshot which shipped with Red Hat Linux 7.1, and the last errata GCC
version available for Red Hat Linux 7.0.
gcc-g77 2.96 85
[RHBA-2001:082-05] Several bugs have been found and fixed in the GNU
Compiler Co
llection
snapshot which shipped with Red Hat Linux 7.1, and the last errata GCC
version available for Red Hat Linux 7.0.
gcc-objc 2.96 85
[RHBA-2001:082-05] Several bugs have been found and fixed in the GNU
Compiler Co
llection
snapshot which shipped with Red Hat Linux 7.1, and the last errata GCC
version available for Red Hat Linux 7.0.
gftp 2.0.8 1
[RHSA-2001:053-06] An updated gftp package is available for Red Hat Linux
6.2 an
d 7.1. This
package contains an upgrade to gftp version 2.0.8, which improves
functionality and fixes a format string vulnerability.
gnupg 1.0.6 1
[RHSA-2001:063-02] Updated gnupg packages are now available for Red Hat
Linux 6.
2, 7, and 7.1.
These updates address a potential vulnerability which could allow an
attacker to compute a user's secret key.
[RHSA-2001:073-04] Updated GnuPG packages are now available for Red Hat
Linux 6.
2, 7, and 7.1.
These updates include fixes for the recently-discovered format string
vulnerability.
imap 2000c 10
[RHSA-2001:094-03] The UW imap package contained various buffer overflow
vulnera
bilities
which can lead to breach of security on a host running the imap and pop
services from this package.
kdelibs 2.1.2 1
[RHSA-2001:059-03] Updated kdelibs packages fixing a security problem,
some memo
ry leaks and
some minor bugs are available.
kdelibs-devel 2.1.2 1
[RHSA-2001:059-03] Updated kdelibs packages fixing a security problem,
some memo
ry leaks and
some minor bugs are available.
kdelibs-sound 2.1.2 1
[RHSA-2001:059-03] Updated kdelibs packages fixing a security problem,
some memo
ry leaks and
some minor bugs are available.
kdelibs-sound-devel 2.1.2 1
[RHSA-2001:059-03] Updated kdelibs packages fixing a security problem,
some memo
ry leaks and
some minor bugs are available.
krb5-devel 1.2.2 12
[RHBA-2001:040-03] Updated Kerberos 5 packages are now available for Red
Hat Lin
ux 7. These
updates resolve a linkage problem introduced in RHSA-2001:025.
[RHSA-2001:060-04] Updated Kerberos 5 packages are now available for Red
Hat Lin
ux 6.2, 7,
and 7.1. These updates close a potential vulnerability present in the
gssapi-aware ftpd included in the krb5-workstation package.
[RHSA-2001:100-02] Updated Kerberos 5 packages are now available for Red
Hat Lin
ux 6.2, 7,
and 7.1. These updates close vulnerabilities due to potential buffer
overflows in the Kerberos-aware telnet server included in the
krb5-workstation package.
krb5-libs 1.2.2 12
[RHBA-2001:040-03] Updated Kerberos 5 packages are now available for Red
Hat Lin
ux 7. These
updates resolve a linkage problem introduced in RHSA-2001:025.
[RHSA-2001:060-04] Updated Kerberos 5 packages are now available for Red
Hat Lin
ux 6.2, 7,
and 7.1. These updates close a potential vulnerability present in the
gssapi-aware ftpd included in the krb5-workstation package.
[RHSA-2001:100-02] Updated Kerberos 5 packages are now available for Red
Hat Lin
ux 6.2, 7,
and 7.1. These updates close vulnerabilities due to potential buffer
overflows in the Kerberos-aware telnet server included in the
krb5-workstation package.
libstdc++ 2.96 85
[RHBA-2001:082-05] Several bugs have been found and fixed in the GNU
Compiler Co
llection
snapshot which shipped with Red Hat Linux 7.1, and the last errata GCC
version available for Red Hat Linux 7.0.
libstdc++-devel 2.96 85
[RHBA-2001:082-05] Several bugs have been found and fixed in the GNU
Compiler Co
llection
snapshot which shipped with Red Hat Linux 7.1, and the last errata GCC
version available for Red Hat Linux 7.0.
losetup 2.11b 3
[RHSA-2001:047-05] A local denial of service attack and root compromise of
the k
ernel have
been corrected, drivers have been updated, and NFS version 3 has been
integrated.
[RHSA-2001:058-04] Updated mount packages fixing a potential security
problem ar
e available.
man 1.5i2 0.7x.5
[RHSA-2001:072-14] Updated man packages fixing a local GID man exploit and
a
potential GID man to root exploit, as well as a problem with the
man paths of Red Hat Linux 5.x and 6.x.
minicom 1.83.1 8
[RHSA-2001:067-03] The minicom program allows any user with local shell
access t
o obtain
group uucp priveledges. It may also be possible for the malicious user
to obtain root priveledges as well.
mount 2.11b 3
[RHSA-2001:047-05] A local denial of service attack and root compromise of
the k
ernel have
been corrected, drivers have been updated, and NFS version 3 has been
integrated.
[RHSA-2001:058-04] Updated mount packages fixing a potential security
problem ar
e available.
mouseconfig 4.22 1
[RHBA-2001:062-02] Support for mouse devices other than /dev/mouse is only
parti
ally complete in
the mouseconfig and Xconfigurator shipped with Red Hat Linux 7.1. This
has been corrected.
netscape-common 4.77 1
[RHSA-2001:046-05] New netscape packages are availabe to fix a problem
with the
handling of
JavaScript in certain situations. By exploiting this flaw, a remote site
could gain access to the browser history, and possibly other data.
It is recommended that all users upgrade to the fixed packages.
2001-04-16: netscape-4.77-1 packages are now available for Red Hat Linux
7.1 for Intel.
netscape-communicator 4.77 1
[RHSA-2001:046-05] New netscape packages are availabe to fix a problem
with the
handling of
JavaScript in certain situations. By exploiting this flaw, a remote site
could gain access to the browser history, and possibly other data.
It is recommended that all users upgrade to the fixed packages.
2001-04-16: netscape-4.77-1 packages are now available for Red Hat Linux
7.1 for Intel.
nss_ldap 149 4
[RHSA-2001:051-18] Updated openssl packages are now available for Red Hat
Linux
6.x and 7.
These packages include security-related changes made in OpenSSL 0.9.6a and
0.9.6b which have been backported to previous versions released for Red Hat
Linux.
In addition, this advisory provides OpenSSL 0.9.6 packages for Red Hat
Linux 7, which may be used by future updates to both Red Hat Linux 7 and
Red Hat Linux 7.1.
openssl 0.9.6 9
[RHSA-2001:051-18] Updated openssl packages are now available for Red Hat
Linux
6.x and 7.
These packages include security-related changes made in OpenSSL 0.9.6a and
0.9.6b which have been backported to previous versions released for Red Hat
Linux.
In addition, this advisory provides OpenSSL 0.9.6 packages for Red Hat
Linux 7, which may be used by future updates to both Red Hat Linux 7 and
Red Hat Linux 7.1.
openssl-devel 0.9.6 9
[RHSA-2001:051-18] Updated openssl packages are now available for Red Hat
Linux
6.x and 7.
These packages include security-related changes made in OpenSSL 0.9.6a and
0.9.6b which have been backported to previous versions released for Red Hat
Linux.
In addition, this advisory provides OpenSSL 0.9.6 packages for Red Hat
Linux 7, which may be used by future updates to both Red Hat Linux 7 and
Red Hat Linux 7.1.
procmail 3.21 0.71
[RHSA-2001:093-03] Procmail, an autonomous mail processor, as shipped in
Red Hat
Linux 5.2,
6.2, 7, and 7.1, handles signals unsafely.
quota 3.01pre9 0.7.1
[RHBA-2001:108-07] An updated set of quota utilities for Red Hat Linux 7.1
is be
ing made
available. This new package fixes several problems with the quota
utilities as originally shipped. All systems using disk quotas should be
upgraded.
rhn_register 1.3.2 1
[RHBA-2001:048-05] A new version of Update Agent is available which has
more fea
tures and
fixes many bugs present in the existing Agent. Dependency resolution is
more aggressive, command line operation is enhanced, and errata information
is available.
rhn_register-gnome 1.3.2 1
[RHBA-2001:048-05] A new version of Update Agent is available which has
more fea
tures and
fixes many bugs present in the existing Agent. Dependency resolution is
more aggressive, command line operation is enhanced, and errata information
is available.
samba 2.0.10 2
[RHSA-2001:044-08] New samba packages are available; these packages
fix /tmp rac
es
in smbclient and the printing code. By exploiting these vulnerabilities,
local users could overwrite any file in the system.
It is recommended that all samba users upgrade to the fixed packages.
Please note that the packages for Red Hat Linux 6.2 require an updated
logrotate package.
Note: these packages include the security patch from Samba-2.0.9.
samba-client 2.0.10 2
[RHSA-2001:044-08] New samba packages are available; these packages
fix /tmp rac
es
in smbclient and the printing code. By exploiting these vulnerabilities,
local users could overwrite any file in the system.
It is recommended that all samba users upgrade to the fixed packages.
Please note that the packages for Red Hat Linux 6.2 require an updated
logrotate package.
Note: these packages include the security patch from Samba-2.0.9.
samba-common 2.0.10 2
[RHSA-2001:044-08] New samba packages are available; these packages
fix /tmp rac
es
in smbclient and the printing code. By exploiting these vulnerabilities,
local users could overwrite any file in the system.
It is recommended that all samba users upgrade to the fixed packages.
Please note that the packages for Red Hat Linux 6.2 require an updated
logrotate package.
Note: these packages include the security patch from Samba-2.0.9.
sendmail 8.11.6 1.7.1
[RHSA-2001:106-06] An input validation error in the debugging
functionality of a
ll currently
released versions of sendmail can enable a local user to gain root
access. New packages that fix this problem are available for Red Hat Linux
5.2, 6.2, 7.0, and 7.1.
sendmail-cf 8.11.6 1.7.1
[RHSA-2001:106-06] An input validation error in the debugging
functionality of a
ll currently
released versions of sendmail can enable a local user to gain root
access. New packages that fix this problem are available for Red Hat Linux
5.2, 6.2, 7.0, and 7.1.
telnet 0.17 18
[RHSA-2001:099-06] New telnet, telnet-server packages are available for
Red Hat
Linux 5.2,
6.2, 7.0 and 7.1.
These packages fix a problem where buffer overflows can provide root
access to local users.
It is recommended that all users update to the fixed packages.
telnet-server 0.17 18
[RHSA-2001:099-06] New telnet, telnet-server packages are available for
Red Hat
Linux 5.2,
6.2, 7.0 and 7.1.
These packages fix a problem where buffer overflows can provide root
access to local users.
It is recommended that all users update to the fixed packages.
tmpwatch 2.8 0.7.x
[RHBA-2001:104-05] The man update (RHSA-2001:072) removed several cache
director
ies in /var
that tmpwatch cleans up on a nightly basis. This update provides a new
cron script for tmpwatch that verifies the existence of cache directories
before cleaning is attempted.
up2date 2.5.4 1
[RHBA-2001:048-05] A new version of Update Agent is available which has
more fea
tures and
fixes many bugs present in the existing Agent. Dependency resolution is
more aggressive, command line operation is enhanced, and errata information
is available.
up2date-gnome 2.5.4 1
[RHBA-2001:048-05] A new version of Update Agent is available which has
more fea
tures and
fixes many bugs present in the existing Agent. Dependency resolution is
more aggressive, command line operation is enhanced, and errata information
is available.
util-linux 2.10s 13.7
[RHSA-2001:095-04] New util-linux packages are available for Red Hat Linux
7.1.
These packages
fix a problem where vipw would leave the /etc/shadow file world-readable
after editing it.
It is recommended that all users update to the fixed packages. Also, if you
have used vipw on Red Hat Linux 7.1 before, make sure to run (as root):
chmod 0400 /etc/shadow
xinetd 2.3.3 1
[RHSA-2001:075-05] Xinetd runs with umask 0 - this means that applications
using
the xinetd
umask and not setting the permissions themselves (like swat from the samba
package), will create world writable files.
[RHSA-2001:092-02] A vulnerability has been found in xinetd's string
handling.
[RHSA-2001:109-05] A security audit has been done by Solar Designer on
xinetd, a
nd the
results are now being made available as a preemptive measure.
xloadimage 4.1 20
[RHSA-2001:088-04] These updated packages fix a buffer overflow in the
faces reader. This is normally not a security problem; however, xloadimage
is called by the 'plugger' program from inside Netscape to handle some
image types. Hence, a remote site could cause arbitrary code to be
executed as
the user running Netscape. It is recommended that users of Netscape
and plugger update to the fixed xloadimage packages.
Plugger was shipped in Red Hat Powertools 6.2; if you have
only installed packages from Red Hat Linux 6.2, you are not vulnerable
to this exploit.
ypbind 1.7 8
[RHBA-2001:076-02] The ypbind system initialization script included with
Red Hat
Linux 7.1
sometimes fails to bind to a NIS server, but it reports success.
The following Packages were marked to be skipped by your configuration:
Name Version Rel Reason
---------------------------------------------------------------------------
----
initscripts 5.84 1 Config modified
[RHBA-2001:108-07] An updated set of quota utilities for Red Hat Linux 7.1
is be
ing made
available. This new package fixes several problems with the quota
utilities as originally shipped. All systems using disk quotas should be
upgraded.
kernel 2.4.3 12 Pkg
name/pattern
[RHSA-2001:084-03] A security hole has been found that does not affect the
defau
lt
configuration of Red Hat Linux, but it can affect some custom
configurations of Red Hat Linux 7.1. The bug is specific
to the Linux 2.4 kernel series. Aside from the fix, countless bugfixes
have been applied to this kernel as a result of code-audits by the
MC project of the Stanford University and others.
kernel-headers 2.4.3 12 Pkg
name/pattern
[RHSA-2001:084-03] A security hole has been found that does not affect the
defau
lt
configuration of Red Hat Linux, but it can affect some custom
configurations of Red Hat Linux 7.1. The bug is specific
to the Linux 2.4 kernel series. Aside from the fix, countless bugfixes
have been applied to this kernel as a result of code-audits by the
MC project of the Stanford University and others.
kernel-smp 2.4.3 12 Pkg
name/pattern
[RHSA-2001:084-03] A security hole has been found that does not affect the
defau
lt
configuration of Red Hat Linux, but it can affect some custom
configurations of Red Hat Linux 7.1. The bug is specific
to the Linux 2.4 kernel series. Aside from the fix, countless bugfixes
have been applied to this kernel as a result of code-audits by the
MC project of the Stanford University and others.
Expected Results: { This text box to enter the fixed example is word
wrapping, so it can't be properly displayed, but basicly each result
should end up on one line of output. }
...
Getting headers for skipped packages...
Name Version Rel
--------------------------------------------------------------
LPRng 3.7.4 23
[RHSA-2001:077-05] When LPRng drops uid and gid, it fails to drop
membership in its supplemental groups.
SysVinit 2.78 17
[RHBA-2001:085-02] New SysVinit packages are available for Red Hat Linux
7.1; these packages fix a problem where various things would fail on a
serial console (suchas single user mode) when used with the Linux kernel
version 2.4.3 or higher. It is recommended that all users update to the
fixed packages, especially those that use a serial console.
...
Additional info:

hmm, well. the client just prints the string out. I'll see if
I can do anything to clean it up.
But of course, this isnt really intended to be a particular
parseable format, it's just a blurb of info meant for humans
to read.
I've added a newline between each new entry for the time being,
seems to make it a bit easier to read.

Note

You need to
log in
before you can comment on or make changes to this bug.